快速搜索提示:
按厂商查询(如:microsoft)|
按产品查询(如:microsoft sql_server)
漏洞列表 359214
| CVE ID | 标题 | 严重程度 | CVSS | 发布时间 | 受影响产品 | 数据源 | 操作 |
|---|---|---|---|---|---|---|---|
| CVE-2026-27127 |
Craft CMS has Cloud Metadata SSRF Protection Bypass via DNS Rebinding
|
HIGH | 7.0 | 2026-02-24 |
craftcms cms
craftcms cms
+3个
|
CVE NVD | |
| CVE-2025-13943 |
A post-authentication command injection vulnerability in the log file download function of the Zyxel...
|
HIGH | 8.8 | 2026-02-24 |
Zyxel EX3301-T0 firmware
zyxel ee5301-00_firmware
+51个
|
CVE NVD | |
| CVE-2025-13942 |
A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions thro...
|
CRITICAL | 9.8 | 2026-02-24 |
Zyxel EX3510-B0 firmware
zyxel wx5610-b0_firmware
+17个
|
CVE NVD | |
| CVE-2026-3065 |
HummerRisk Cloud Task Dry-run CloudTaskService.java CommandUtils.commonExecCmdWithResult command injection
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-3064 |
HummerRisk Cloud Task Scheduler ResourceCreateService.java command injection
|
MEDIUM | 5.3 | 2026-02-24 |
hummerrisk hummerrisk
|
CVE NVD | |
| CVE-2026-3091 |
An uncontrolled search path element vulnerability in Synology Presto Client before 2.1.3-0672 allows...
|
MEDIUM | 6.7 | 2026-02-24 |
Synology Synology Presto Client
synology presto_client
|
CVE NVD | |
| CVE-2026-27126 |
Craft CMS has Stored XSS in Table Field via "HTML" Column Type
|
MEDIUM | 5.9 | 2026-02-24 |
craftcms cms
craftcms cms
+3个
|
CVE NVD | |
| CVE-2026-26981 |
OpenEXR has heap-buffer-overflow via signed integer underflow in ImfContextInit.cpp
|
MEDIUM | 6.5 | 2026-02-24 |
AcademySoftwareFoundation openexr
AcademySoftwareFoundation openexr
+1个
|
CVE NVD | |
| CVE-2026-26331 |
yt-dlp: Arbitrary Command Injection when using the `--netrc-cmd` option
|
HIGH | 8.8 | 2026-02-24 |
yt-dlp yt-dlp
yt-dlp_project yt-dlp
|
CVE NVD | |
| CVE-2025-11848 |
A null pointer dereference vulnerability in the Wake-on-LAN CGI program of the Zyxel VMG3625-T50B fi...
|
MEDIUM | 4.9 | 2026-02-24 |
Zyxel VMG3625-T50B firmware
Zyxel WX3100-T0 firmware
+48个
|
CVE NVD | |
| CVE-2025-11847 |
A null pointer dereference vulnerability in the IP settings CGI program of the Zyxel VMG3625-T50B fi...
|
MEDIUM | 4.9 | 2026-02-24 |
Zyxel VMG3625-T50B firmware
Zyxel WX3100-T0 firmware
+54个
|
CVE NVD | |
| CVE-2026-26198 |
ormar is vulnerable to SQL Injection through aggregate functions min() and max()
|
CRITICAL | 9.8 | 2026-02-24 |
collerek ormar
collerek ormar
|
CVE NVD | |
| CVE-2026-3057 |
a54552239 pearProjectApi Backend Task.php dateTotalForProject sql injection
|
MEDIUM | 5.3 | 2026-02-24 |
a54552239 pearProjectApi
a54552239 pearProjectApi
+10个
|
CVE NVD | |
| CVE-2026-3054 |
Alinto SOGo cross site scripting
|
MEDIUM | 5.3 | 2026-02-24 |
Alinto SOGo
Alinto SOGo
+2个
|
CVE NVD | |
| CVE-2026-26983 |
ImageMagick: Invalid MSL <map> can result in a use after free
|
MEDIUM | 5.3 | 2026-02-24 |
ImageMagick ImageMagick
ImageMagick ImageMagick
+1个
|
CVE NVD | |
| CVE-2026-26284 |
ImageMagick has heap overflow in pcd decoder that leads to out of bounds read.
|
MEDIUM | 6.5 | 2026-02-24 |
ImageMagick ImageMagick
ImageMagick ImageMagick
+1个
|
CVE NVD | |
| CVE-2026-26283 |
ImageMagick has possible infinite loop in JPEG encoder when using `jpeg:extent`
|
MEDIUM | 6.2 | 2026-02-24 |
ImageMagick ImageMagick
ImageMagick ImageMagick
+1个
|
CVE NVD | |
| CVE-2026-26066 |
ImageMagick has infinite loop when writing IPTCTEXT leads to denial of service via crafted profile
|
MEDIUM | 6.2 | 2026-02-24 |
ImageMagick ImageMagick
ImageMagick ImageMagick
+1个
|
CVE NVD | |
| CVE-2026-25989 |
ImageMagick has integer overflow or wraparound and incorrect conversion between numeric types in the internal SVG decoder
|
HIGH | 7.5 | 2026-02-24 |
ImageMagick ImageMagick
ImageMagick ImageMagick
+1个
|
CVE NVD | |
| CVE-2026-25988 |
ImageMagick's MSL image stack index not refreshed, leading to leaked images.
|
MEDIUM | 5.3 | 2026-02-24 |
ImageMagick ImageMagick
ImageMagick ImageMagick
+1个
|
CVE NVD |